TheInternal Controlstopic in the IOFM APS Certification Program covers the COSO (Committee of Sponsoring Organizations) framework, a widely recognized model for designing and evaluating internal controls, as mandated by the Sarbanes-Oxley Act (SOX). The COSO framework includes five components: Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities.Accounting principlesare not a COSO component, as they relate to GAAP (Generally Accepted Accounting Principles), not internal control categories.
Option A (Control environment): This is a COSO component, setting the tone for the organization’s control consciousness, including leadership and ethics.
Option B (Information and communication): This is a COSO component, ensuring relevant information is identified, captured, and communicated effectively.
Option C (Risk assessment): This is a COSO component, involving the identification and analysis of risks to achieving objectives.
Option D (Accounting principles): Accounting principles (e.g., GAAP) guide financial reporting but are not part of the COSO framework’s internal control categories. This is the correct answer.
Reference to IOFM APS Documents: The APS e-textbook underInternal Controlsstates, “The COSO framework includes five components: Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities, used to design and testinternal controls.” It distinguishes COSO from GAAP, noting that “accounting principles govern financial reporting, not internal control frameworks.” The training video reinforces this by discussing COSO’s role in SOX compliance, listing the five components and excluding accounting principles.
Submit